Blog

SANS 2019 Cloud Security Survey findings

  The SANS Institute released a new cloud security report recently based on a survey of several hundred companies across the US, Asia, Europe, and Canada. The companies surveyed ranged from the small (under 1000 employees) to the very large (over 50000 employees) and represented a variety of industries including 32 percent

May 30th, 2019

Adobe releases 87 patches for vulnerabilities

In a massive patch update on Tuesday, Adobe released security patches for 87 vulnerabilities in four of its products - Adobe Acrobat, Adobe Reader, Adobe Flash Player, and Adobe Media Encoder. As many as 84 of the 87 patches address vulnerabilities in Acrobat and Reader. Of these, 36 fall in the “information

May 15th, 2019

CISA releases BOD 19-02 setting out Vulnerability Remediation Requirements for Federal Agencies

The Cybersecurity and Infrastructure Security Agency (CISA) released its latest Binding Operational Directive (BOD 19-02), “Vulnerability Remediation Requirements for Internet-Accessible Systems”, this week. The directive supersedes BOD 15-01, “Critical Vulnerability Mitigation Requirement for Federal Civilian Executive Branch Departments and Agencies’ Internet-Accessible Systems”, which came out in 2015. BOD 15-01 required federal agencies

May 1st, 2019

What do you do when you hear about a large-scale data breach?

Survey finds that 56 percent of Americans have never checked to see if they were ever data-breach victims. According to a survey conducted by Lexington Law, most Americans either do not know what to do when they become aware of serious data breaches in the country or don’t care enough to check if

April 25th, 2019

Are Merchants Using Oracle’s Micros Retail POS Systems at Risk?

The Board is looking to the CIO for constant business transformation, in order to meet the market needs. Most CIOs get lost while satisfying business requirements, and are not able to focus on Security. That is one of the main reasons why Retailers are constantly getting hacked, day after day. PCI can

August 31st, 2016

The CISO Evolution

As someone who previously worked in developing speaker bureaus and C-Level events he was always an executive that I wanted to meet, speak with, and learn from. What is interesting is that this occurred some 20+ years ago. So, where are we now? Well, what I can tell you is that even

August 25th, 2016

All you need to know about Ransomware

What is Ransomware? Ransomware is a type of malware which encrypts your personal files and sells the decryption key back to you for a ransom, normally in the range of hundreds to thousands of dollars. How does one get infected? Fundamentally, ransomware is simply another type of computer virus, and your computer

July 17th, 2016

Lessons Learned From the Bank of Bangladesh

Security people also have to be “light on their feet” and “think outside of the box,” because the hacks keep coming, and the hackers are always finding new ways to affect your systems. One can never say that a hacker has found unintended consequences when going after users, because they are always

May 16th, 2016

Modern Computer Security Protections from an Attacker’s Perspective

Although computer hackers have been breaking into systems, disabling and attacking networks, stealing intellectual property, and taking control over compromised systems for decades, the modern era of cyber-security only started in the ‘90s. But even in the early days of the new era, computer hacks were split into two main categories: social

May 4th, 2016